OS identification

[Jeremy Fincher <jfincher () jemfinch shacknet nu>]

I've been fairly bored security-wise recently and decided to take some
time to have a little contest: I want to trick all the OS fingerprinting
tools I can into thinking I'm something that I'm not.

I've fooled nmap, queso, and anything else out there.  Netcraft,
however, continues to elude me.  I *cannot* figure out how to convince
it that I am not, in fact, running FreeBSD.

I have adjusted every HTTP header I can find.  I've hacked my initial
tcp sequence number generator in my kernel.  I've changed my tcp window
size, the default ttl of my ip packets, and everything else I can think
of.  I still cannot convince Netcraft that I'm something I'm not.

If anyone has any idea how Netcraft determines the operating system, I
would be *thrilled* to hear about it.  I've changed everything I know to
change and still can't figure it out.

Thanks,
Jeremy

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).